# See /usr/share/postfix/main.cf.dist for a commented, more complete version#

1. # See /usr/share/postfix/main.cf.dist for a commented, more complete version
2.  
3.  
4. # Debian specific: Specifying a file name will cause the first
5. # line of that file to be used as the name. The Debian default
6. # is /etc/mailname.
7. #mydomain = example.com
8. #myorigin = $mydomain
9.  
10. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
11. biff = no
12.  
13. # appending .domain is the MUA's job.
14. append_dot_mydomain = no
15.  
16. # Uncomment the next line to generate "delayed mail" warnings
17. #delay_warning_time = 4h
18.  
19. readme_directory = /usr/share/doc/postfix
20.  
21. # TLS parameters
22. smtpd_tls_cert_file = /home/adminmator/example/ssl/example.crt
23. smtpd_tls_key_file = /home/adminmator/example/ssl/example.key
24. smtpd_use_tls = yes
25. smtpd_tls_auth_only = yes
26. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
27. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
28.  
29. # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
30. # information on enabling SSL in the smtp client.
31.  
32. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
33. myhostname = host.example.com
34. alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
35. alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
36. myorigin = /etc/mailname
37. mydestination = host.example.com, example.com, localhost, localhost.localdomain
38. relayhost =
39. mynetworks = 127.0.0.0/8 [::1]/128
40. #mailbox_command = procmail -a "$EXTENSION"
41. mailbox_size_limit = 0
42. recipient_delimiter = +
43. inet_interfaces = all
44. html_directory = /usr/share/doc/postfix/html
45. virtual_alias_domains =
46. virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
47. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
48. virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
49. virtual_mailbox_base = /var/vmail
50. virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
51. virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
52. sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
53. inet_protocols = all
54. smtpd_sasl_auth_enable = yes
55. broken_sasl_auth_clients = yes
56. smtpd_sasl_authenticated_header = yes
57. smtpd_restriction_classes = greylisting
58. greylisting = check_policy_service inet:127.0.0.1:10023
59. smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_rbl_client zen.spamhaus.org, check_policy_service unix:private/policy-spf ,check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, permit
60. smtpd_tls_security_level = may
61. transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
62. relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
63. relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
64. smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
65. proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
66. smtpd_helo_required = yes
67. smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
68. smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
69. smtpd_client_restrictions = reject_rbl_client dnsbl.sorbs.net, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
70. smtpd_client_message_rate_limit = 100
71. maildrop_destination_concurrency_limit = 1
72. maildrop_destination_recipient_limit = 1
73. virtual_transport = dovecot
74. header_checks = regexp:/etc/postfix/header_checks
75. mime_header_checks = regexp:/etc/postfix/mime_header_checks
76. nested_header_checks = regexp:/etc/postfix/nested_header_checks
77. body_checks = regexp:/etc/postfix/body_checks
78. owner_request_special = no
79. smtp_tls_security_level = may
80. smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
81. smtpd_tls_protocols = !SSLv2,!SSLv3
82. smtp_tls_protocols = !SSLv2,!SSLv3
83. smtpd_tls_exclude_ciphers = RC4, aNULL
84. smtp_tls_exclude_ciphers = RC4, aNULL
85. dovecot_destination_recipient_limit = 1
86. smtpd_sasl_type = dovecot
87. smtpd_sasl_path = private/auth
88. content_filter = amavis:[127.0.0.1]:10024
89. receive_override_options = no_address_mappings
90.  
91. #SPF
92. policy-spf_time_limit = 3600s
93.  
94. # DKIM
95. milter_default_action = accept
96. milter_protocol = 6
97. smtpd_milters = inet:localhost:12345
98. non_smtpd_milters = inet:localhost:12345
99.  
100. # Mail will be stored in users ~/Maildir directories
101. home_mailbox = Maildir/
102. mailbox_command =
103.  
104. Sorry, we were unable to deliver your message to the following address.
105.  
106. <admin@example.com>:
107. No MX or A records for example.com
108.  
109. <admin@example.com>: Host or domain name not found. Name service error for
110. name=host.example.com type=AAAA: Host not found
111.  
112. [Status: Error, Address: <admin@example.com>, ResponseCode 421, Host not reachable.]